SCREEN-SHARING SCAMS –  How Fraudsters Use Remote Access Against You 

India’s Most Dangerous Financial Scam Doesn’t Hack Your Bank. It Asks You to Open the Door.

Every major Indian bank has world-class fraud detection. Every UPI transaction is monitored. RBI has built layer after layer of security around your money. Screen-sharing fraud bypasses all of it — because it never touches the bank’s systems. It goes straight to you.

The mechanics are simple. A fraudster calls you posing as bank customer care, an RBI verification agent, a delivery partner, or a job recruiter. They create a plausible reason for you to install a remote access app — AnyDesk, TeamViewer, QuickSupport. Once you install it and share your screen, they can see everything: OTP pop-ups the moment they arrive, your UPI PIN as you type it, your net banking login, your SMS inbox. They do not break in. You let them in.

Victims typically lose ₹5,000 to ₹50,000 in a single session. Some lose their entire bank balance. This guide gives you everything you need to recognise this scam instantly, protect yourself completely, and act quickly if something has already gone wrong.

The Golden Rule — Read This Before Anything Else

If you remember nothing else from this guide, remember this: no legitimate institution in India — not a bank, not RBI, not a UPI company, not a delivery partner, not any government department — ever asks you to install a screen-sharing app. Not once. Not for any reason.

This is not a guideline or a recommendation. It is an absolute. There is no legitimate use case for a bank or government body to access your screen remotely. The entire premise — “we need to see your screen to help you” — is the fraud itself. The moment anyone asks for this, the call is over.

You do not need to be rude. You do not need to explain yourself. You hang up, and then you verify with your bank using the number on the back of your card or in your banking app.

✔  Pro Tip: Save your bank’s official fraud helpline in your phone contacts right now — before you need it.If you receive a suspicious call claiming to be from your bank, hang up and call that saved number back.A real bank representative calling you will never be offended that you verified. A scammer will pressure you not to.

How This Scam Starts — Every Pretext Fraudsters Use

Screen-sharing fraud always begins with a believable pretext. Fraudsters choose scenarios that create urgency, involve authority, or offer something you want — a refund, a job, a resolved delivery issue. The pretext is designed to make the request for screen sharing seem reasonable. None of it is.

Who They Pretend to Be	Trigger Line They Use	What They Actually Want
Fake bank customer care	“Your account has been flagged for suspicious activity — we need to verify it remotely.”	Your OTP, UPI PIN, and net banking login visible on screen
Fake RBI / KYC agent	“Your KYC is expiring. Your account will be blocked tonight unless you complete verification now.”	Aadhaar/PAN details, banking credentials, SMS OTPs
Fake UPI support (GPay / PhonePe)	“Your UPI ID is showing an error. Share your screen so we can fix it from our end.”	UPI PIN entry, linked bank account details
Fake delivery partner	“Address update nahi ho raha app mein — ek minute screen share kar do.”	OTP pop-ups, SMS inbox, any financial app open on screen
Fake job / loan agent	“Document verification ke liye screen share karna padega — it’s our standard process.”	Banking app activity, SMS inbox, identity documents
Fake Amazon / Flipkart refund agent	“Hamne galti se extra amount bhej diya — refund process ke liye screen share karo.”	UPI app navigation, PIN entry, transaction approval

⚠  Important Note: Fraudsters often know your name, your bank’s name, sometimes your partial account number or your last transaction. This information comes from data leaks, social media, and previous scam attempts. Knowing these details does not make a caller legitimate. It makes them more dangerous, because it creates false credibility. Verify independently regardless.

What Scammers Can See and Do Once You Share Your Screen

This is the part most people underestimate. Sharing your screen is not giving someone a limited view of one thing. It is giving them a live feed of your entire phone, updated in real time. Everything that appears on your screen — for as long as the session runs — is visible to them.

What They Can Access	How They Use It Against You
OTP pop-ups and SMS inbox	Read every OTP the moment it arrives. Authorise transactions before you even notice the message.
UPI PIN entry screen	Watch you type your PIN. Use it immediately to approve a collect request or initiate a transfer.
Net banking login	Capture your username and password as you type. Reset your account from another device.
Banking app screens	See your account balance, linked accounts, and transaction history. Plan the maximum they can extract.
Aadhaar / PAN images	Use for identity theft, SIM-swap requests with your mobile operator, or loan fraud.
Email and social media	Reset banking passwords via email. Access saved card details on shopping platforms.
Session recording	Many remote access apps record the entire session. Credentials captured once can be used repeatedly.

⚠  Important Note: The fraudster does not need direct control of your phone to steal from you. They watch your screen and tell you what to tap. “Open your UPI app now.” “Yes, tap confirm.” “Don’t worry, this is just a verification step.” By the time the session ends, you have approved a payment, they have your PIN, and your account is drained. All while believing you were being helped.

Four Active Fraud Patterns Targeting Indian Users Right Now

These four patterns account for the overwhelming majority of screen-sharing fraud cases reported in India. The scripts vary slightly but the structure is always the same: create urgency, establish fake authority, request screen sharing, watch and extract.

Pattern	How It Plays Out	The Moment to Recognise It
A.  KYC Expiry	You receive an SMS or WhatsApp about expiring KYC. A caller follows up, sounds official, and asks you to install AnyDesk. They guide you to open your UPI app and watch everything.	No bank or RBI sends KYC update requests via WhatsApp. Any caller who follows up a KYC message and asks for screen sharing is a fraudster.
B.  Refund Scam	“We sent extra money by mistake and need to recover it.” They ask you to open your UPI app and share your screen to ‘process the refund.’ They watch you enter your PIN and immediately send a collect request.	Real refunds are automatic. No refund process requires screen sharing or you entering your UPI PIN.
C.  Delivery Update	A fake delivery partner calls about a package that cannot be delivered. They ask for a quick screen share to ‘update the address in their system.’ They watch your SMS inbox for OTPs.	Real delivery companies update addresses through their own app or website. They never need access to your screen.
D.  Job / Loan Verification	A fake HR executive or loan agent asks for screen sharing to ‘verify documents’ as part of an onboarding process. They capture your banking app activity and SMS inbox during the ‘verification.’	Legitimate employers and lenders verify documents through official portals or in person. Screen sharing is never part of any genuine verification process.

✔  Pro Tip: The common thread across every pattern is urgency. KYC expiring tonight. Refund processing now. Delivery failing today. Job verification due this afternoon.That urgency is manufactured. It is designed to stop you thinking clearly and checking independently.The moment you feel pressured to act immediately, slow down. That pressure is the fraud.

How to Protect Yourself — Six Steps You Can Take Today

The most effective protection against screen-sharing fraud is removing the tools before a fraudster can convince you to use them. The following steps take under 10 minutes in total and close every door this scam relies on.

Protection Step	How to Apply It	What It Prevents
Delete all remote access apps	Search your phone for AnyDesk, TeamViewer, QuickSupport, AirDroid. Uninstall every one.	Removes the tool before a scammer can convince you to use it
Disable install from unknown sources	Android: Settings → Security → Install Unknown Apps → turn off for all apps	Stops scammer-sent APKs from installing even if you tap the link
Enable app-level lock on banking apps	Each banking/UPI app has its own PIN or biometric setting — enable it	Second barrier even if phone screen is shared or phone is unlocked
Turn off lock-screen notification previews	Settings → Notifications → On Lock Screen → Hide Sensitive Notifications	OTPs do not appear on screen while it is being watched remotely
Enable 2FA on email linked to bank accounts	Gmail / Outlook → Security → Two-Step Verification → enable	Prevents password reset attacks via your email account
Block unknown callers	Phone app → Settings → Block Numbers / Spam Protection — enable	Reduces the volume of fraudulent calls reaching you

✔  Pro Tip: Do a monthly check: search your phone for AnyDesk, TeamViewer, QuickSupport, AirDroid, and any app with ‘remote’ or ‘support’ in its name. If you find any that you did not deliberately install for professional use, uninstall them.This single habit takes under 60 seconds and eliminates the tool fraudsters depend on.

The 10-Second Safety Checklist for Any Suspicious Call

Use this table the moment a call or message feels unusual. You do not need to analyse the situation in detail. If what they are saying matches anything in the left column, the response in the right column is always correct.

If They Say or Ask This	Your Response
Unknown caller asking you to install AnyDesk, TeamViewer, or QuickSupport	Scam. Hang up immediately. Do not install anything.
“Share your screen to verify your UPI / bank account.”	Scam. No legitimate institution ever requires this.
“Approve this collect request to verify your account.”	Scam. Approving a collect request sends money out of your account.
“Enter your UPI PIN on screen so we can confirm it.”	Scam. Your PIN is never required for verification by anyone.
“Your KYC is expiring — screen share so we can complete it.”	Scam. KYC is completed through your bank’s official app only.
“We need remote access to fix a problem with your banking app.”	Scam. Banks fix app issues through updates, not remote access.
“Install this support app and share the 9-digit code with me.”	Scam. That 9-digit code is the remote access key to your device.
They already have your name, partial account number, or last transaction details	Still a scam. This data comes from leaks. Knowing it does not make them legitimate.

⚠  Important Note: One line in this table needs particular attention: “They already have your name, partial account number, or last transaction details.” This is the most common reason people do not hang up. They assume that because the caller knows something about them, the caller must be legitimate.This is wrong. That information comes from data leaks. Having it proves nothing. It is a trust-building tactic. Hang up regardless.

What to Do If You Already Shared Your Screen — The First 30 Minutes

If you have already shared your screen with someone, act immediately. Do not wait to see if anything happens. Every minute of delay increases both the amount lost and the difficulty of recovery.Follow these steps in order.

Step 1	Turn off mobile data and Wi-Fi immediately. This cuts the remote session dead — the fraudster loses visibility of your screen and cannot see any further OTPs or app activity.
Step 2	Uninstall the remote access app (AnyDesk, TeamViewer, QuickSupport, AirDroid, or whatever was installed) before reconnecting to the internet.
Step 3	Change your UPI PIN, net banking password, and email password from a secure device on your home Wi-Fi. Do this before opening any financial app on the compromised phone.
Step 4	Call your bank’s 24-hour fraud helpline. Report the incident, ask them to flag your account for unusual activity, and temporarily block your debit and credit cards and UPI access.
Step 5	Check your bank statements, UPI transaction history, and email inbox for any unauthorised activity from the period of the screen share. Raise a dispute for every unauthorised transaction.
Step 6	File a complaint at cybercrime.gov.in and call 1930. This creates a legal record and is required for any formal fraud recovery. Also check if your Aadhaar or PAN details were visible — if so, report at uidai.gov.in.
Step 7	Check your mobile operator account for any SIM-swap requests made in your name. If your SIM stops working unexpectedly, call your operator immediately — Airtel, Jio, Vi, or BSNL.

✔  Pro Tip: The single most important action is Step 1: cut internet access before anything else. This ends the remote session immediately and prevents the fraudster from seeing any further OTPs or app activity while you work through the remaining steps.Save 1930 (national cybercrime helpline) and your bank’s fraud number in your contacts right now, so you are not searching for them in a stressful moment.

Final Word — The Door Is Yours to Close

Screen-sharing fraud is among the most effective financial scams operating in India today precisely because it requires no technical skill to execute and no technical failure to succeed. It only requires one thing: that you install an app and share your screen.

Every protection in this guide addresses that single moment. Delete the apps before a call comes. Recognise the pretext when the call arrives. Know that urgency is the weapon. Understand that no legitimate institution ever needs this access.

You do not need to be suspicious of everyone. You need to know one rule clearly enough that it is automatic: screen-sharing for banking, UPI, KYC, refunds, or any financial purpose is always fraud. Always.

✔  Pro Tip: Share this guide with your parents, your household, and anyone who uses UPI or online banking.Senior citizens are disproportionately targeted by this scam because the authority figures used — bank officials, RBI agents, police — are ones they are conditioned to trust and not question.A single conversation about this scam can protect their entire savings.

Quick Reference — Key Portals and Helplines

Item	Where to Go
Cybercrime Helpline (call)	1930 — national cybercrime reporting hotline, 24×7
Report screen-sharing fraud online	cybercrime.gov.in — National Cyber Crime Reporting Portal
Block UPI / bank cards instantly	Your bank’s mobile app → Cards or UPI → Block, or call the 24-hour fraud helpline
SBI fraud helpline	1800-111-109 (toll-free) or SBI YONO app
HDFC fraud helpline	1800-202-6161 or HDFC MobileBanking app
ICICI fraud helpline	1800-200-3344 or ICICI iMobile app
Axis Bank fraud helpline	1800-419-5959 or Axis Mobile app
Report Aadhaar misuse	uidai.gov.in or call 1947 (UIDAI helpline)
Report SIM swap / mobile fraud	Call your operator: Airtel 121, Jio 198, Vi 199, BSNL 1503
Android: disable unknown sources	Settings → Security → Install Unknown Apps → disable for all apps
Check / remove AnyDesk	Play Store → search AnyDesk → if installed, uninstall immediately
RBI Ombudsman (unresolved fraud)	cms.rbi.org.in — for disputes not resolved by your bank

Key Takeaway

• Screen-sharing fraud works because it bypasses every layer of bank security by getting you to hand over access voluntarily. The technology is not the weakness — the deception is.
• No legitimate institution in India — not a bank, not RBI, not a UPI company, not a delivery partner, not a government department — ever asks for screen sharing. Not once. Not for any reason.
• The Golden Rule: any caller who asks you to install AnyDesk, TeamViewer, or any screen-sharing app is a fraudster. Hang up.Four fraud patterns cover almost all screen-sharing crime in India — KYC expiry, refund scam, delivery update, job/loan verification. Know them and you recognise the script the moment it starts.If you already shared your screen: cut internet immediately, uninstall the app, change all PINs and passwords, call your bank, and file on cybercrime.gov.in within 30 minutes
• .Delete all remote access apps from your phone today. The best protection against this scam is not having the tool installed in the first place.
• If a call feels urgent and they want access to your screen — that urgency is the fraud.